From: "Dr. Robert Leif"
Subject: Re: C++ Should not be used for Medical Devices
Date: 1997/01/25
Message-ID: <3.0.32.19970125203845.006e91c0@mail.4dcomm.com>
Newsgroups: comp.lang.ada

From: Bob Leif
To: Jim Chelini et al.

You wrote:
---------------------------------------------------------------------------------
Date: Thu, 23 Jan 1997 15:51:01 GMT
From: Jim Chelini
Subject: Re: C++ Should not be used for Medical Devices

When it comes to safety critical software, I would certainly agree with the use of Ada. However, I would avoid a number of features including tasking and dynamic allocation. In the cases where a life is at risk whether it is a medical device, aircraft, or a rail system, stick to deterministic constructs. Once the program has completed elaboration, it should not perform dynamic operations. Also, make sure the run-time is developed, documented, and TESTED to the same degree as the application. If you don't, you have left a very large hole in the system. This limits some of the more interesting features of the language, but the goal is to develop a safe system.
---------------------------------------------------------------------------------

There are 3 levels of medical devices. My experience is with FDA Class 2 devices. I have worked with clinical laboratory instrumentation. Pacemakers are Class 3.

The only dynamic feature of Ada I insist upon is conformant arrays. The data from my systems can be very large. The size of the arrays must be set at run time. However, as opposed to your past experience, my systems can crash without significant harm! My major hazard is producing incorrect data. Our previous systems worked under Alsys Ada for DOS. Our next target is Windows 95.

I also wish to modify your last statement. My goal is to develop a safer system. Since the competing technologies like C++ are really lousy, I do NOT wish to put constraints on the use of Ada. I believe that you agree that, if you are going to do real-time (tasking) and dynamic allocation, it is safer to use Ada '95 than C++, C, SmallTalk, etc. Please remember in the real world, safer is where we start.

I just visited the exhibits of a Laboratory Automation Meeting here in San Diego. Virtually all of the software was in C and C++. How about next year, the local SigAda with the help of the Ada vendors pay and man a booth together?

I decided to post this to Comp.Lang.Ada because there are three good reasons for encouraging the use of Ada for medical devices.

1. It is technically correct.
2. The Ada vendors should start selling to this market.
3. None of us want to take the chance that improperly programmed medical devices will be used on themselves or their loved ones.

Now, you and Aonix can help medical devices by providing a warning on your compilers including the one for Windows 95 when the code is forced to do run-time dispatching. This feature is just too hard to test. Unfortunately, most medical device programmers are not as talented as many members of this news group.

The second is to provide "Windows 97" and other operating systems with an inexpensive real-time core written in Ada.

The third is to make 4 bit Nibbles (Nybbles) a supported data type. Ada arrays (strings) of Nibbles are a very good model for the nucleic acid polymers, DNA and RNA.

Yours,
Bob Leif

Robert C. Leif, Ph.D., PMIAC, Vice President & Research Director
Ada_Med, A Division of Newport Instruments
Tel. & Fax (619) 582-0437
Please send e-mail to my new address, rleif@rleif.com
Thank you.